Added controller authorization possibility. It's only quick fix, normal authentication process should be added

This commit is contained in:
Andrey Storchak 2016-02-21 11:00:14 +02:00
parent eda3f9d57c
commit 5c9de12d82
2 changed files with 16 additions and 2 deletions

View file

@ -1,4 +1,5 @@
{
"Addr": "127.0.0.1:5000",
"Fail2banSocket": "/var/run/fail2ban/fail2ban.sock"
"Fail2banSocket": "/var/run/fail2ban/fail2ban.sock",
"ControllerIp": "127.0.0.1"
}

View file

@ -8,15 +8,28 @@ import (
"github.com/gorilla/mux"
"net/http"
"os"
"strings"
)
type Configuration struct {
Addr string
Fail2banSocket string
ControllerIp string
}
var fail2goConn *fail2go.Conn
func controllerIpFilterMiddleware(h http.Handler, allowedIpAddress string) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
requestSource := strings.Split(r.RemoteAddr, ":")
if requestSource[0] != allowedIpAddress {
http.Error(w, "Not authorized", http.StatusForbidden)
return
}
h.ServeHTTP(w, r)
})
}
func main() {
configPath := flag.String("config", "config.json", "path to config.json")
flag.Parse()
@ -45,6 +58,6 @@ func main() {
whoisHandler(res, req, fail2goConn)
}).Methods("GET")
http.Handle("/", r)
http.Handle("/", controllerIpFilterMiddleware(r, configuration.ControllerIp))
fmt.Println(http.ListenAndServe(configuration.Addr, nil))
}